linux login
I am being asked for a linux login password and I do not know it. I am using Suse 9.3. Is there any way to remove it?
|
A bit more infomation would be usefull. Are you getting a command prompt, or a Graphical login? I am assuming that this is your computer you are talking about.
|
root password hacking is fun! This is one of my favourite questions to ask in interviews for Linux people. Going along with deadalus.globalnode's comment, we'll assume this is your computer where you do have access to try these things. These methods are fairly advanced, but I'll try to give as much detail as possible.
First thing you need is a linux live distro. Any suse install or live disk should work. Assuming it's a suse disk, boot off the iso and go into "Rescue Mode". There should be a menu option when the cd boots. One you get a root prompt: you have 2 options: 1. chroot into your system and run the password command The first thing we had to do is identify your root partition: Quote:
Once we know the root file system: Quote:
At this point you should be able to type the command: `password`. It should ask you for a new password. Type it in twice and should take effect. Then: Quote:
2. Edit the shadow file with a known good password hash. Thinking about it, this is actually even more advanced, so we'll leave this as a last resort if option 1 doesn't work ;) --Shaun |
If you are going to go all out, I would go with Backtrack 4. :)
Really any live linux cd that has perl installed will work just fine. In addition to what binary_perl said you can do it is like so: boot a live cd open the password file in a text editor found at /etc/passwd copy and paste the following into the file at the end: myroot:XXq2wKiyI43A2:0:0:root:/root:/bin/bash after you have saved the file, reboot. you login as "myroot" with "password" as your password ( with out the quote marks). If you want a different password then use the perl command: perl -e 'print crypt("your_password_goes_here", "XX"). "\n"' and replace XXq2wKiyI43A2 with the out put of the command above. I find this way a bit simpler. :) |
Wouldn't it be easier to first append init=/bin/bash to the kernel-line in grub, and then change passwords from there? May grub has no password set.
|
What deadalus.globalnode is describing is what I was calling option 2.
deadalus.globalnode: I have 2 concerns with your idea: 1. Does Backtrack try to figure out a root filesystem and make that the root filesystem when in it? My concern is that micronda may be trying to modify files in / that are part of the cd root file system, and not actually their filesystem. I saw someone use Backtrack to easily break WEP keys once, I want to try it myself just haven't had a chance to ;) 2. micronda probably needs to modify /etc/shadow instead of /etc/passwd. I can't say for sure, but most linux systems I believe use 'x' in the 2nd field of the /etc/passwd, as an indicator that the actual hash is stored in /etc/shadow. But I'm not sure if putting a hash in the 2nd field of /etc/passwd would still be valid or not. This is why I like this as interview question, so many ways to go about it ;) --Shaun |
Quote:
But yes, if passing init=/bin/bash works, that is easier. Basically (assuming grub is your bootloader): When you system is at the menu where you can choose your kernel: move the cursor to highlight the kernel you want to boot. Press 'e'. Move the cursor to the end and try to type ' init=/bin/bash'. This should hopefully bring you to a root prompt where you could type the `password` command to reset the password. --Shaun |
In answer to your first question, No Backtrack treats the hard disk root partition as a disk to be mounted. So the user would have to figure out what partition contained / .
Backtrack can be a lot of fun, and if you do get a chance to play with it I think you will agree. :D Quote:
|
All times are GMT -5. The time now is 09:38 AM. |